The HIPAA Omnibus Rule is a final rule issued by the U.S. Department of Health and Human Services on January 17, 2013. The Rule aims to strengthen existing privacy protections within the Health Insurance... more +

The HIPAA Omnibus Rule is a final rule issued by the U.S. Department of Health and Human Services on January 17, 2013. The Rule aims to strengthen existing privacy protections within the Health Insurance Portability and Accountability Act of 1996 (HIPAA), improve the government's ability to enforce those protections, and give individuals greater access to their health information. One of the most significant changes associated with the Rule is the application of HIPAA's requirements to business associates of health care providers and health care claim processors. HHS broadened HIPAA's application to these groups after several large breaches were tied to business associates. less -

Since the passage of the 2013 HIPAA Omnibus Rule, there has been a substantial increase in HIPAA enforcement actions brought by the Department of Health and Human Services, including an increase in so-called “high-impact...more

Recent Trends in HIPAA Liability -
Since the passage of the 2013 HIPAA Omnibus Rule, there has been a substantial increase in HIPAA enforcement actions brought by the Department of Health and Human Services, including...more

The Omnibus Final Rule (the "Omnibus Rule") under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), was issued in January, 2013 effective March 26, 2013, but with a general compliance deadline of...more

The Department of Health and Human Services (HHS) has released a proposed rule that would modify the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule by allowing health care providers to make certain...more

On January 25, 2013, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published the long-awaited HIPAA Omnibus Final Rule (Final Rule), which includes the most sweeping changes to HIPAA...more

Under the HIPAA Privacy Rule, a Covered Entity is required to revise its notice of privacy practices (“NPP”) where there is a material change to any of its privacy policies. The HIPAA/HITECH Omnibus Final Rule (the “Omnibus...more

Under the Privacy Rule, an individual has the right to adequate notice of how a covered entity may use and disclose PHI about the individual, as well as his/her rights and the covered entity’s obligations with respect to that...more

Hospitals and health care providers must often look to third party vendors offering cloud computing solutions, but are these companies well-prepared to meet the HIPPA/HITECH Act privacy and security requirements as well as...more

The HHS Office of Civil Rights (OCR) announced that the Health Information Technology (HIT) Policy Committee’s Privacy and Security Tiger Team will hold a virtual, public hearing on Monday, September 30 from 11:45 a.m. to...more

Nearly one year after a Massachusetts provider paid $1.5 million to settle potential HIPAA violations for the theft of an unencrypted laptop containing protected health information (PHI), providers are reminded once again of...more

September 23, 2013, the deadline for compliance with the new Health Insurance Portability and Accountability Act (HIPAA) regulations, is here. Although there has been much discussion about the new regulations since they were...more

This has been a busy week for the Department of Health and Human Services / Office for Civil Rights (HHS/OCR). It has started releasing guidance on various provisions of the Omnibus HIPAA final rule (the "Final Rule") in...more

Today’s the day! Today marks the long-awaited compliance date for the HIPAA Omnibus Rule.
In case you have put any thoughts of compliance with the Omnibus Rule out of your mind, you can no longer escape.
Here...more

September 23rd is the HIPAA Omnibus Rule compliance deadline. The Rule expands the definition of Business Associates (BAs). Are you prepared?
Incorrect determinations lead to increased risk and potential liability for...more

On September 11, 2013, HHS stated in a joint motion filed in the case of Adheris, Inc. v. Sebelius, No. 1:13-cv-1342 (D.D.C.), that it plans to issue guidance on a HIPAA regulation related to prescription drug refill...more

The HIPAA Privacy Regulations have long required covered entities to seek a patient authorization in order to use or disclose protected health information ("PHI") for marketing purposes. However, the Office for Civil Rights...more

The September 23, 2013 deadline for covered entities, business associates and their subcontractors to implement the new HIPAA rules is approaching quickly. In case you missed it, on January 25, 2013, the U.S. Department of...more

The new HIPAA regulations become effective on September 23, 2013. Many health care providers have been focused on revising business associate agreements and getting them signed up. Keep in mind that new business associate...more

HIPAA Final Regulations -
In January of this year, the Department of Health and Human Services issued final regulations (also referred to as the “Omnibus Rule”) that include changes to the privacy, security and breach...more

Although the HIPAA Omnibus Final Rule's expansion of business associate liability could create difficulties for healthcare providers and other covered entities seeking to negotiate business associate agreements with vendors...more

A recently issued government rule may unknowingly create significant liability and legal risk for many technology enterprises. The expanded definition of "business associates" and related interpretations by the Department of...more

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

- hide

Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.

Security

JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at info@jdsupra.com. In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at: info@jdsupra.com.

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.